X509 Authentication with Tomcat over SSL

Hello all, can anyone point me in the right direction on how to get Apache Tomcat 6.0.35 to prompt the user for authentication with his / her X509 cert when they hit any given page? I already have SSL setup and the relevant section of my server.xml looks like:

But I'm not sure what to do next. Ultimately I want to collect the user's cert on the server to make requests to other services that need it so I don't have to do everything via AJAX on the client.